Commit fc8bb834 authored by Valerie Aurora's avatar Valerie Aurora
Browse files

Remove LOC = 3 and update use cases/security profiles

parent 7a5e404c

EN-304-625.md

+18 −19
Original line number Diff line number Diff line
@@ -1685,9 +1685,8 @@ Rationale: More agents with access on the host increase the likelihood of an att 
Type: Affects likelihood of attacks originating from the host system.



  * **[LOC-L-0]** Foreseeable use is effectively no agents on the host

  * **[LOC-L-1]** Foreseeable use is only trusted agents with a formal approval system

  * **[LOC-L-2]** Foreseeable use is trusted agents with an informal approval system

  * **[LOC-L-3]** Foreseeable use includes untrusted agents

  * **[LOC-L-1]** Foreseeable use is trusted agents

  * **[LOC-L-2]** Foreseeable use includes untrusted agents



**[NET]** Degree of public access to attached network
@@ -2018,10 +2017,10 @@ Requirements: NKEV, SCUD, SSDD, MSAF, LMAS, LOGG 
| UC-WD-4  | 0   | 2   | 1   | 0   | 2   | 1   | 0   | 1   | 2   | 1   | SP-WD-2 |

| UC-WD-5  | 0   | 2   | 1   | 1   | 2   | 1   | 0   | 1   | 1   | 1   | SP-WD-2 |

| UC-WD-6  | 1   | 1   | 1   | 0   | 1   | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-7  | 2   | 1   | 1   | 1   | 0   | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-8  | 2   | 2   | 1   | 1   | 2   | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-9  | 3   | 2   | 1   | 0   | 2   | 1   | 0   | 1   | 2   | 1   | SP-WD-4 |

| UC-WD-10 | 3   | 2   | 1   | 0   | 2   | 1   | 0   | 0   | 0   | 1   | SP-WD-4 |

| UC-WD-7  | 1   | 1   | 1   | 1   | 0   | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-8  | 1   | 2   | 1   | 1   | 2   | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-9  | 2   | 2   | 1   | 0   | 2   | 1   | 0   | 1   | 2   | 1   | SP-WD-4 |

| UC-WD-10 | 2   | 2   | 1   | 0   | 2   | 1   | 0   | 0   | 0   | 1   | SP-WD-4 |



#### C.5.2.2 Wireless network interface use cases
@@ -2032,17 +2031,17 @@ Requirements: NKEV, SCUD, SSDD, MSAF, LMAS, LOGG 
| UC-WL-3  |   0 |   2 |   2 |   1 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-1 |

| UC-WL-4  |   1 |   2 |   2 |   0 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-2 |

| UC-WL-5  |   1 |   1 |   2 |   1 |   1 |   1 |   1 |   1 |   1 |   1 | SP-WL-2 |

| UC-WL-6  |   2 |   2 |   2 |   1 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-3 |

| UC-WL-7  |   3 |   2 |   2 |   1 |   2 |   1 |   0 |   0 |   0 |   1 | SP-WL-3 |

| UC-WL-6  |   1 |   2 |   2 |   1 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-3 |

| UC-WL-7  |   2 |   2 |   2 |   1 |   2 |   1 |   0 |   0 |   0 |   1 | SP-WL-3 |



#### C.5.2.3 Virtual network interface use cases



| Use case | LOC | NET | COM | ADM | LIS | SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-VI-1  |   2 |   0 |   0 |   1 |   0 |   1 |   1 |   1 |   1 |   0 | SP-VI-1 |

| UC-VI-2  |   2 |   2 |   2 |   1 |   0 |   1 |   1 |   1 |   1 |   0 | SP-VI-2 |

| UC-VI-1  |   1 |   0 |   0 |   1 |   0 |   1 |   1 |   1 |   1 |   0 | SP-VI-1 |

| UC-VI-2  |   1 |   2 |   2 |   1 |   0 |   1 |   1 |   1 |   1 |   0 | SP-VI-2 |

| UC-VI-3  |   1 |   1 |   2 |   0 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |

| UC-VI-4  |   3 |   2 |   2 |   0 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |

| UC-VI-4  |   2 |   2 |   2 |   0 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |



## C.6 Security profiles
@@ -2060,8 +2059,8 @@ Security profiles are associated with sets of risk factor levels. 
|------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|

| SP-WD-1          | 0   | 0   | 1   | 1   | 0   | 1   | 0   | 1   | 1   | 2   |

| SP-WD-2          | 0   | 2   | 1   | 1   | 2   | 1   | 0   | 1   | 2   | 1   |

| SP-WD-3          | 2   | 2   | 1   | 1   | 2   | 1   | 0   | 1   | 1   | 1   |

| SP-WD-4          | 3   | 2   | 1   | 0   | 2   | 1   | 0   | 1   | 2   | 1   |

| SP-WD-3          | 1   | 2   | 1   | 1   | 2   | 1   | 0   | 1   | 1   | 1   |

| SP-WD-4          | 2   | 2   | 1   | 0   | 2   | 1   | 0   | 1   | 2   | 1   |



#### C.6.2.2 Wireless network interface security profiles
@@ -2069,14 +2068,14 @@ Security profiles are associated with sets of risk factor levels. 
|------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|

| SP-WL-1          | 0   | 2   | 2   | 1   | 2   | 1   | 1   | 1   | 1   | 1   |

| SP-WL-2          | 1   | 2   | 2   | 1   | 2   | 1   | 1   | 1   | 1   | 1   |

| SP-WL-3          | 3   | 2   | 2   | 1   | 2   | 1   | 1   | 1   | 1   | 1   |

| SP-WL-3          | 2   | 2   | 2   | 1   | 2   | 1   | 1   | 1   | 1   | 1   |



#### C.6.2.3 Virtual network interface security profiles



| Security profile | LOC | NET | COM | ADM | SYS | SDS | SDT | FUN | INT |

|------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|

| SP-VI-1          |   2 |   0 |   0 |   1 |   1 |   1 |   1 |   1 |   0 |

| SP-VI-2          |   3 |   2 |   2 |   1 |   1 |   2 |   2 |   2 |   0 |

| Security profile | LOC | NET | COM | ADM | LIS | SYS | SDS | SDT | FUN | INT |

|------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|

| SP-VI-1          | 1   | 0   | 0   | 1   | 0   | 1   | 1   | 1   | 1   | 0   |

| SP-VI-2          | 2   | 2   | 2   | 1   | 0   | 1   | 2   | 2   | 2   | 0   |



# Annex D (informative): Risk evaluation guidance